lftp: overwrite arbitrary Vulnerability

Users of lftp please be advised of an overwrite arbitrary vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

rPSA-2010-0073-1: [rPSA-2010-0073-1] lftp
Description:

Previous versions of lftp contain a bug which could allow a remote

server to create or overwrite arbitrary files on a client. See

the linked CVE for more details on this.

http://wiki.rpath.com/Advisories:rPSA-2010-0073Read more at http://www.criticalwatch.com

 

Advertisements